Log4j Resource Center

This Log4j Resource Center is a collection of some of our advisories, articles, and case studies put together for the infosec community.

What is Log4j?

The Java logging library, Log4j, is a ubiquitous software used to record activities in a wide range of systems found in consumer-facing products, enterprise software, and web applications. Recently, a serious vulnerability in this popular package, CVE-2021-44228, was disclosed in Log4j versions 2.0 to 2.14.1, posing a severe risk to millions of software and web apps. An exploit known as “Log4shell” was publicly disclosed in December 2021 and it is highly recommended this flaw be patched as soon as possible.

Recent Blogs


Other Resources




Recommended Resources

Cyber Risk Quantification: A CISO Executive Guide
How to Calculate your Enterprise’s Breach Risk
9 Slides Every CISO Must Use in Their Board Presentation
9 Slides Every CISO Must Use in Their 2024 Board Presentation
Oerlikon case study
Case Study
Oerlikon Reduces Patch Time and Improves Management-Level Cyber Risk Visibility